Pardis Emami-Naeini, PhD candidate, Carnegie Mellon University
Yuvraj Agarwal, Assistant Professor, Carnegie Mellon University
Lorrie Faith Cranor, Professor, Carnegie Mellon University
Privacy and Security Nutrition Label for Smart Devices
Our privacy and security label is a tool designed to help consumers make informed purchase decisions for smart devices at the point of sale.
Surveys have shown that consumers want to be informed about data collection, privacy, and security practices of smart devices at the time of purchase. Currently, this information is difficult for consumers to obtain.
We are developing a privacy and security label that includes information on privacy and security practices of the smart device, such as whether or not the device gets cryptographically signed and critical automatic updates or the type of data the device is collecting. In addition to privacy and security information, the label includes some general information about the device, such as the firmware version or where the device was manufactured.
WHO IS THIS FOR?
Consumers of smart devices, with or without privacy and security expertise
Manufacturers of smart devices
Regulators and policy makers
Alicia is always excited about technology and cool gadgets. She is a frequent buyer of smart devices. However, she has become super concerned since her last purchased device, which was a smart baby monitor, got hacked and a stranger yelled at her baby. Since then, she tries to search for privacy and security information for smart devices before making the purchase. But this has been very difficult for her as such information is not always easy to find.
If manufacturers of smart devices publish privacy and security labels, Alicia will make an informed purchase decision based on a readily available information at the point of sale. The label will help Alicia and other smart device consumers to consider privacy and security while making purchase decisions.
Exploring How Privacy and Security Factor into IoT Device Purchase Behavior